×

Integrating security policy and event management

  • US 9,548,994 B2
  • Filed: 09/16/2014
  • Issued: 01/17/2017
  • Est. Priority Date: 10/18/2011
  • Status: Active Grant
First Claim
Patent Images

1. At least one non-transitory machine accessible storage medium having instructions stored thereon, the instructions when executed on a machine, cause the machine to:

  • access security data identifying a plurality of security events detected in a computing system, wherein each of the plurality of security events is based on a respective one of a plurality of security policies;

    determine, for each of the plurality of security events, attributes of the event from the security data;

    present a representation of the plurality of security events in an interactive graphical user interface, wherein the representation comprises a plurality of graphical elements, each graphical element represents a respective subset of the plurality of security events corresponding to an intersection of at least two respective event attributes, size of each graphical element is rendered to indicate an amount of the plurality of security events included in the corresponding subset; and

    detect a user interaction with a particular one of the plurality of graphical elements through the graphical user interface, wherein the particular graphical element corresponds to a particular subset of the plurality of security events, and the user interaction causes a presentation of a view, within the graphical user interface, identifying a respective subset of the plurality of security policies corresponding to detection of the particular subset of security events.

View all claims
  • 11 Assignments
Timeline View
Assignment View
    ×
    ×